GEODE-3974: Improve permissions for geode-connectors functions#1265
Merged
Conversation
sboorlagadda
requested review from
PurelyApplied,
dschneider-pivotal,
jdeppe-pivotal,
jinmeiliao,
lgallinat and
pdxrunner
sboorlagadda
force-pushed
the
jdbc_fn_permissions
branch
from
4b15adc to
e447e3a
Compare
jdeppe-pivotal
approved these changes
Jan 11, 2018
jinmeiliao
requested changes
Jan 11, 2018
| } | ||
|
|
||
| @Override | ||
| public Collection<ResourcePermission> getRequiredPermissions(String regionName) { |
Member
There was a problem hiding this comment.
maybe for functions that "alters" something, it should be cluster:write?
Member
Author
There was a problem hiding this comment.
Alter connections/mappings does change cluster-config which is very similar to create & destroy operations.
Also, most other alter operations do use X:MANAGE:X permission.
| } | ||
|
|
||
| @Override | ||
| public Collection<ResourcePermission> getRequiredPermissions(String regionName) { |
Member
There was a problem hiding this comment.
I don't think we need to add this here for an abstract function
Member
Author
There was a problem hiding this comment.
This is the new default that is set for any JDBC connector function as most of JDBC functions have to deal with cluster-config.
Otherwise the default would be DATA:WRITE inherited from Function interface.
jinmeiliao
approved these changes
Jan 11, 2018
sboorlagadda
force-pushed
the
jdbc_fn_permissions
branch
from
7911f85 to
afe4a85
Compare
lgallinat
approved these changes
Jan 11, 2018
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Thank you for submitting a contribution to Apache Geode.
In order to streamline the review of the contribution we ask you
to ensure the following steps have been taken:
For all changes:
Is there a JIRA ticket associated with this PR? Is it referenced in the commit message?
Has your PR been rebased against the latest commit within the target branch (typically
develop)?Is your initial contribution a single, squashed commit?
Does
gradlew buildrun cleanly?Have you written or updated unit tests to verify your changes?
If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
Note:
Please ensure that once the PR is submitted, you check travis-ci for build issues and
submit an update to your PR as soon as possible. If you need help, please send an
email to dev@geode.apache.org.